FBI Alert: UNC6040 and UNC6395 Targeting Salesforce Platforms for Data Theft and Extortion

The FBI has issued an alert concerning two cybercriminal groups, UNC6040 and UNC6395, which are involved in data theft and extortion activities targeting Salesforce platforms. These groups employ various initial access mechanisms to infiltrate their targets. The alert includes indicators of compromise (IoCs) to assist in identifying these malicious activities. Salesforce, being a widely used CRM platform, holds sensitive customer data, making it an attractive target for cybercriminals. The FBI alert highlights the importance of monitoring Salesforce platforms for any signs of compromise and implementing the provided IoCs for early detection and mitigation. Organizations should review their security measures and incident response plans to ensure they are prepared to deal with potential data breaches and extortion attempts.